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Summary nf ^;he Ihvei^^r^r^ 

5 °-^«Paymentft>ranon.linepnKiuctlTaBsaction.compri^ 

which IS atranged to be imtiated via a merchant site and is a«anged io provide a 

aotmechoB to a financial institution appHc^^^ 

the fmancwl mtitution ^Ucation, to ameichant account. 

10 By "on-line payment'* is meant any payment which is initiated over a network 

connection. By "on-line product transaction" is meant any transaction for a product 

telephonynetwoifc. Computmg system neUvork" includes any networfc of computing 
devices. Computing devices" inchide conventional computers, PCs, laptops, and 
15 °^^1'^«<^tmication8devioessuchasmobiletelephones,personaldigit^ 
and any computing system wWch is connectable to a network. 

A >od«ct transaction" is a transaction for any pioducl^ which may include goods 
and/or services. 

20 

A "merchant site" is a computer network site provided by a compiling system which is 
comxectable to the network to offer products for sale via the network to customers A 
Waal mstitntion appUcation" may include any application operated by a financial 
mstitut.on» suchas abank or other accomit providing authority, "nre financial mstitution 
25 ^PPl^cationwmbeusuaUyprovidedbyafinancialinstitutioncomputi^^ 

« connectable to the network to make available ttie financial institution ^Ucation. 

A typical computer network on which on-line product transactions take place is the 

3 0 ^ "^"^ '^"^ "^"^ ^ ^^^^ ^ ^'''^ ^tomers to 
30 enable customers to determine whether they wish to pim>hase a product. Represent 
mvention is not, however. Ihnited to application on the Internet only. It may be ^Ued 
to any computer network where products a« sold on-line and with flie facility to 
connect to financial institution systems. 

35 Preferably, llieinterfece means enables the payment to proceed in "real time" ITiis 
preferably enables payment to occur during the product transaction. 
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Payraent may be by way of any stored valued methodology eg. money, loyalty points, 
etc. 

Preferably, the inteifece means is ananged to be initiated via the merchant site via a 
5 oistomer Operating a customer computing system. 

Prefeably, the mterface means is amnged to generate oonfiimation to a merchant 
system that payment has occmied. Pref«ably, the confinnation enables the merchant 
system to complete the product transaction. Preferably, the system is arranged to 
establish a connection with the financial institution con^ting system for generation of 
confiimation that payment has occurred. Preferably the connection is estabUshed 
between the merchant site and the financial institution computing system. Preferably 
the coraieotion is a secure connection. This advantageously avoids fi^udulent 
generation of confirmation of payment, therefore reducing the chances of fraud and 
15 assuring the merchant that the cbnfirmatioii is generated by the financial institution 
computing system. 

Preferably, the interface means is arranged to obtain details of the transaction and 
provide those details to the financial institution plication to enable payment. 
2 0 Preferably, the transaction details mclude tiie amount of payment Preferably, the 
transaction details include information which may be required to identify the 
transaction. Por example, the transaction details may include a merchant account 
identifier. 

25 In one embodiment, the intei^e means is airanged to interface with known pre- 
existing financial institution jq)pHoations. These include financial institution 
applications provided by so-called "hitemet banking" sites. 

Financial institution applications usually require a security means to be entered to ' 
30 enable operation to cany out processes such as payment by a customer (who may hold 
an account with flie financial institution) to fliiid party accounts: In one preferred 
embodiment, the mterface means mterfaces a customer's computing system to the 
financial institution application to enable the customer, who is facilitating the 
transaction at tiie merchant site, to enter then- security means (which may be a 
35 password, PIN or any other type of security means). 

In an alternative embodiment, the system for fecihtating on-line payment includes an 
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msbtution ^Ucation. The agent application is preferably arranged to obtain the 
secunty me^ from a customer computing system, the security means being stored in a 
Storage location accessible by way of the customer computing system. Preferably, the 
secunty means is stored in encrypted W The agent ^plication is preferably arranged 
to obtam the decryption key for the customer's encrypted security means, to enable 
decryption of the security mesns. The agent ^plication may operate in a similar mam^ 
to mat of the active content agents described in the applicant's pending international 
patent application, no. PCT/AU02/00150, filedon 14 February 2002. Diaclosme of this 
10 document is incorporated herein by reference. 

The system is preferably arranged to store a record of transaction details for a 
transactiorL 



15 



The system prefembly furlher includes a database arranged to store transaction details 
of transactions. This database may be accessible by merchants and/or customer in 
order to enable them to monitor the history of fiansacstions they have carried out via the 
system. 

2 0 Preferably, ihe system of the present mvention may be used to Mitate payment for a 
hansaction fiom a debit or credit account of a customer to a designated account of a 
merchant 
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30 



35 



In at least a preferred embodiment, the system of the present invention provides the 
.advantages that a customer accessmg amerchant site and wishing to purchase aproduct. 
can make payment for that product in 'Veal time". In the preferred embodiment, the 
mterfece means comrects the customer system to a designated financial institution 
^phcahon which enables the customer (under control of the interface means) to make 
payment fiom customer account (e.g. a standard cheque accomit available on-line) to a 
designated merchant account. The system then confirms to the merchant that payment 
has been made so that transaction can proceed (e.g. deUvery of the product can be 
authonsed). M one embodiment, as discussed above, a secure comM«:tion is made 
between ttie merchant site and the financial institution computing system for 
confirmatian that payment has been made to the merchant. 

In at least the preferred embodhnent, the transaction payment is carried out mider the 
control of the customer who is paying. The customer does not have to give any security 



wo 2004/114168 

PCT/AU2004/000846 



- 5- 



15 



means (such as credit caxd information, account identification information, etc.) to any 
ofli^fendparty, oihertiian the financial institution that they usuaJily deal with (byway 
of the financial institotion ^Hcation). No passwords or credit card numbers need to be 
given to merchants thatthensermaynot trust naemerchant, in turn, has the comfort of 
bemg aware that payment has occurred before he delivers his product 

accordance with a second aspect the present invention provides a method for 
facihtatmg on-line payment for a transaction between a customer and a merchant 
comprising the steps of, during a transaction via an on-line merchant site, accessiiig a 
financial application and making the finaucial appUcation available to enable a payment 
from a customer's account to an account of the merchant. 

Preferably, the method comprises the forther step of operating the financial appUcation 
to make the payment 

Ih accordance with a third a^ect the present invention fbrther provides a computer 

program arranged to control a confuting system to implement a system in accordance 
with the first aspect of the present invention. 

2 0 in accordance with a fourth aspect the present invention provides a computer readable 

medium providing a computer program in accordance wilJi the Aird aspect of the 
present iiivoition. 

< 

^^^d«^<'ewithafiffliaspectthepresentinventionprovidesasy5temforficiUt^^ 
25 on-hne payment for a product transaction, comprising an interface means which is 
anranged to be initiated via a merchant site and is arranged to provide connection to a 
payment means to enable processing of the payment to a merchant account 

fteferably.theintcrfacenieansisanrangedtocomiectacustomercomputer^^^^ ' 

30 themerdiantsitetothepaymentmeanswhei^ythecustomercomputercaninitiate 
payment 

Preferably, the payment means is provided by a financial institution site. 

3 5 A further aspect of the present invention may relate to on-line payment of transaction 

sucb as bills, and peer to peer payment 
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fix aj^ordancewithasixthasp^ the present w^^^ 

fecilitahng on-lme payment, the system comprising an interface means which is 

ao^^tobeimtiatedviaaaystemme^^^^^ 

payment means to enable processing of the payment 

5 

A syst^ message may be any message which can be transmitted via a netv^ork. 
n«terably, flie system message is an e-mail message. 

party,tixee-ma.lmessageindicatingtotheotherpartyarequ^ Por 

the e-mail message may include a biU for ntility service. The e-mail preferably 
H.^ahnkwMchisenabled to connect ^ef^erpartytoapaymemme^^^^^ 
as through a merchant site, to enable payment in response to the message. 

15 ^«^coniancewithasevcnthaspect.thepresentinveationprovidesameth^^ 

payment for a transaction, to link a transaction payers computing device to a payment 
means to enable processing of the payment 

20 ^-cord^-j^aiandghthasp^t.theprese„tinv^^ 

including mstructions for controlling a computing system to implement a system in 
accordance widi the sixth a^ect of the present invention. 

25 "^dimnprovidmgaprograminaccordancev^ththedghlhaspectoftheinventi^^ 
Brief Dese rtion of the ni^ wh^yy. 

Featuresandadvantagesofthepresentinventionwm^^^^^ 
3 0 foUowmg description of an embodiment thereof by way of example only, with 
reference to the accompanying drawings, in which; 

H^e lis a schematic diagram forillus^^ 

an embodiment offlie present invention; • 

35 

an embodmiatt of ttesresenl invemlon; 
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Figure 8 is a an exainple computer sci^ display iUustrating tratisaction data records 
v^ch may be produced in accordance with an embodiment of fee present invention; 

Figure 9 is a flow diagram iUustiating apiocess in accordance ^vith an embodiment of 
the present invention. 
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Description of the Prefen-^ Embodiment 

A system and method in accordance with one embodiment of the invention wiU now be 
described with reference to the accompanying drawings. 



' "niesystemandmefhodoftWsembodimetttoftheinyentionfedlitateonline 

transactions. By "on-line transactions" is meant any transaction which occurs over any 
networic The example netwo* used in the following description is the Ihtemet. The 
invention maybe ^lied m any network environment, and is not limited to appKcation 
20 over the Litemet. 

The system of this embodiment includes an int^face means, which will be illustrated 
and described in detail later, and which in this example is implemented by an 
appropriate server computing system 1 which is connected to the Internet 2 via 
Wropriate communication means 3. The interface means in this example includes 
software which is arranged to be made available over the network by the server 
computer 1. 



Also iUustrated in Figure 1 is a merchant ccunputing system 4. The merchant con^uth^ 
system 4 may mdude any appropriate type of server computing system 4 which is 
arranged to serve Web pages 5 on the Ihtemet 2. in order to provide a merchant site 
where, for example, products may be offered for sale. In the ilhistration a single 
merchant system 4 is shown. This merely serves as an illustrative example of many 
existing merchant computmg systems arranged for connection to the Internet 2. Tbs 
present invention may be implemented via any suitable merchant system, and is likely 
to be implemented on many merchant systems. The merchant system 4 is arranged to 
serve web pages 5, to provide a website via which infonnation on products (including 
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goods and/Of services) maybe accessed and via which p«,d«cts maybe purchased in a 
known manner. In accordance with this embodiment of the invention, the mexx^hant 
coi^utmg system 4 is also aixanged to operate with the interface means provided by the 
. system 1. t- uy ui^ 

Also shown in Figure 1, are customer computing ^sterns 6. Tbe customer computing 
systems 6 may comprise any appropriate computing system including ^opriate 
software and hardware and in this examplaiy embodiment are fflustmted as bdng PCs 
including a computer 7. monitor 8, keyboard 9 and mouse 10. 

The user computing systems 6 includes browser or other software 1 1 which is arranged 
to enable the computing system 6 to browse or access Web pages over the Internet 2 
such as Web pages 5 provided by the merchant system 4. Browsers are Imown. ' 

Tn Figuw 1, three user comporting systems 6 aiie shown. This is for illustrative purposes 
only. As is well known, &ete ate many customer computing systems vMch are 
arranged for conneclion to networks such as the Internet, so that, for example, 
customers can browse various merchant sites (as weU as other Web pages) in order to 
select products for purchase. This embodiment offhepi^sent invention may be 
iinpleraented for many customer computing systems and many custttmers, 

ConventionaUy, when a customer accesses the Internet to view a merchant site then- 
browser brings up tiie appropriate Web page and the user studies the Web page(s) and 
selects an appropriate product (by way of a "shopping basket") for purchase. In order to 

imHH»dwilhlhepu«dme, the customer must then provide pa>.nent details to the 
merchant site. This is most u^uaUy done by way of providing credit card details As 
discussed above, many people are reluctant to provide their credit card details to 
merchant sites. 

The majority of customers ke^ accounts with financial institutions, such as banks. Tl,e 
majority of financial institutions offer services which are available on-line Hiese 
services may include access to a customer's accomit records. They may also include 
facihties which enable a customer to pay ibird parties dircctty fiom their" account For 
example, the financial mstitution may offer an on-line financial application which 
enables a customer to pay from their account to a thiid party whose accomit details or 
some account identification of the third party, are provided to the appUcation. The iurd 
party's accomit details or identification may include account number, which financial 
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institotion the third patty holds the account With, and other required details. 

M Figure 1, a server cotnputing system 12 of the financial instihition is illustrated. The 
financial institution server computing system 12 is atranged to serve Web pages 13 to 
» the Internet 2. Web pages 13 may enable operation of the financial applications for 
allowmg access to customer account records and malqng account transfers, and other 
functions. Such plications are known. 

Only a single financial institution server computer 12 is illustrated in the drawings. It 
wiU be appreciated tiiat there may be many financial institutions arranged to serve Web 
pages for fecilitating financial appUcations. The present invention may find use with 
many such financial institution appUcations, and tiie single server computer 12 is shown 
for illustrative purposes only. 

The system of this embodiment of the present invention includes an interface means, 
which in this embodinient is in the form of a software appHcation provided by served 
computing system 1 . The interface means operates t» connect to the financial instihition 
apphc^on provided by tiie financial server computer 1 2, to enable payment to an 
account ofa merchant associated with the merohaat system. 

In this embodiment, the system 1 of the present invention also includes a transaction 
record database 15 for storing records of transactions occurring via the system 1 and 
also a decryption key database 1 6 which stores deciypfion keys for decrypting 
encrypted customer security means and which will be described in more detail later. 
The system 1 of tiie present invention may be implemented by any appropriate 
computing hardware and software. Although databases 15 and 16 are shown separately, 
Ihey may be implemented by.combmed haidware/softwaie. 

The customer computing system 6 also may include software in the form ofa digital 
safe 17 and an "active content agent" engine 18. The fimction of these will be described 
mmoredetaillata:. i 

Operation of an embodiment of the present invention will now be described byway of 
Illustrative example with reference to the example computer screen displays of Figures 
4 tiirough 7. The example screen displays have MICROSOFT® toolbar layouts and 
"look and feel". The present invention is not limited to this format any appropriate 
format may be used. Please note flmt where brand names and trade marks are shown in 
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the drawings, they are for example puiposes only and are in no way limiting "to the 
invaition. 

The example computer screen display shown in Figures 2 through 7 ai« the displays 
5 which will ^ear on a customer system 6 monitor 8. 

With reference to the Figures, the customer computer 6 accesses a merchant site 
provided by Web pages 5 supported by merchant computing system 4. In this 
iUmtration, the merchant site offers for sale digital video discs (DVDs). The customer 
browses the merchant site and may select one or more DVDs for purchase. TTie 
customer then proceeds to a "paymenr page on the merchant site, the payment page 20 
bemg lUustiated in Figure 2. The payment page displays the merchant brand name 21 
(in this case Price Buster DVD's (Pty) Ltd). The payment page 20 also directs 22 the 

customertosdeotapayment method. The payment methods available on payment page. 
20 include the conv«»tional payment method of paying by ci«dit card 23. It also 
includes the option 24 of paying the morehant by way of the payment system and 
method m acconiance with an onbodimeat of flie present mventionu The payment 
method 24 is labelled with the brand name "eWise Pay 3P" 25. This is a brand name 
only. Any brand name or any other designation of a payment method may be utiKsed. A 
drop-down menu 26 is available for selecting a financial institution appUcation to 
&cilitate payment to the merchant 
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The page also includes a '"Biller Code" 27, and "Amount" 28 and a transaction 
Werence" 29. Some or all of this information may or may not be shown on the page 
20. For example, in an alternative embodiment, the BiUer Code 27 may not be shown, 
and instead maybe stored and retrieved from a database. 

The amount 28 is the amount that the customer needs to pay to the merchant. 

Figure 3 is a further view of thepayment page 20, showing details of the drop-down 
menu 26. It is clear ftom this that there are a number of financial institution applications 
(m this case four) available for the customer to select Note that any number of financial 
applications maybe provided for selection. This will depend upon the number of 
financial institution applications that the present mvention is authorised for use wife and 
also the number of the financial institution applications which may be available. 

The customer selects one of the financial institution apphcations 26 for payment to the 
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merx^hant (the customer wiU usually select a financial institution appKcation of a 
financia^ mstitution where they hold an account). The selection, initiates operation of the 
system 1 of me p^ent invention. Tt. system 1 provides a Vyment gateway" display 
30(F.gure4).Tliepaymentgateway30opensinaseparateW 
5 ^-^P'^ter6(notethatitmayopeninthesamehn,wserwindow).lliepa^ 

by the system 1 "^accordance with the present invention. Note that the payment 
gateway display 30 displays branding 31 of lie financial institution deploying the 
system. Whether or not this branding is displayed is optional 

10 Otherinfomiationmayalsobedisplayedinthepaymentgateway30page.Shownin 
Figuxe 4 is the '^Merchant Name" 32, a "Reference" 33 and a payment amount 34. Hxe 
Amount Paid" infonmtion includes type of payment that would occur, in this 
particular ok^Ic being a direct debit. Note that tixe further or alternative information 

may be mcludcd in the payment gateway page 30 as desired 
15 . ' 

lu this embodiment, the system 1 utilises a software ^Hcation in the form of a 
software agent in order to provide an interfece to &e financial institution appKcation 
selected. Once the system 1 is initiated by selection ofthe payment mefliod 24 and 
selection of the financial institution appUcation, the software agent navigates the 
20 Internet 2 to locate the financial institution system 12 and website 13 servedby the 

financial mstitution system. The software agent then comiects Ihe customer computer 6 
to the website of the financial institution, so that the customer can connect to the 
financial mstitution application. In this embodiment, the agent application is also 
arranged to extract payment details from the merchant system and provide those 

2 5 payment details to the financial institution appUcalion' . 

When the agent ^Ucation has navigated to the financial institution system 12 the 
appropriate Web page 13 is served to the customer computer system 6. Figure 5 shows 
one example of an "Customer Sign rh** page 35 provided by one particular financial 

3 0 mstitution appUcation. This page includes some infonnation (the infiwmation will 

depend on the financial institution application bemg accessed) and also a ''Customer 
Sign hi section 36 requiring entry of a security means to enable access to the financial 
institution application. It is to be noted that the financial institution appfication is apre- 
existmg appUcation. The agent ^pUcation of this embodiment of the present invention 
3 5 has mterfeced the customer computer 6 automaticaUy to the pre-existing financial 
inshtution appUcation without requiring any operation by the customer other than to 
select the financial institution appUcation to be navigated to from the merchant site 
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1^ to. Fig^ 5 give, one «ampU only of a ft>anoial ta*«on appH«tton. and to 
ims«a unre.tu>D may b. used ,dtt, „y flnanoW tetilution wBcalion. 

l;l-"^'rts^mtop»c,s»iafl«,«„cu*o««x««erstheirs^ 
. CustonaS.8ntosectiod.I„Maexfflnple*e«curitymean8ine^ 
N^ber 37 a»l a PasswoM 38. The securay n>«„s nay in^tade ^ f 

meaiB, dopendmg ,,,00 the seairity me«B mpnred by flK flnanctal inst^ 

applicatiou. 

Note that in an alternative embodiment to be described later, the system of the pr«seat 
inv^ation may automatically provide the security means to the financial institution 
appbx^n. In the illustraf«d embodiment, however, the custxwner p^vides the security 
means themselves. 



15 



No security means is provided t« Ihemerchant site. The customer instead provides Ifae 
security means directly to the financial institution ^plicatioa Hiis is something that the 
c«stomeriscomfortablemlhdomg.Thereisnopotcntialforft^ to 

Uhcitlyaccessthecustomer-saccountvialhefinandalinstitutianappHcation Hie 
payment to the meirchant via the financial institution application is under the control of 
20 the customer and is separated &<m the memhant system. 

Once tiie security means have been entered, the financial institution ^pKcation operates 
to enable payment to the merchant The agent appKcation automaticafly navigates the 
site to the appropriate page. Referring to Figure 6, the page 40 is served to the customer 
25 computer 6 by the financial institution system 12. The page 40, in this example, enables 
entry of details for payment firom an account the customer has with the financial 

institution, to an account of the merchant (which may be with the same financial 
msfahition or another financial institution). Ih this example, page 40 includes 
i^ormation such as the account 'Tay W 41, the "Payer Name" 42, a "Description" 
of what the payment is for 43 . The page 40 also includes information relating to the 
merchant payment details, including the "Account Name" 44 of the memhant, the 
cuirent identification information mcluding in this example a «BSB Number- 45 and an 
Account Number" 46. It also mcludes a "Description" 47, which in this case is the 
Reference 33 which appears in the merchant site as reference numeral 29 and on the 
payment gateway as reference numeral 33 and which identifies the transaction to the ■ 
system 1 of the present invention. The information also includes an "Amount" to be 
paid. 
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In th« «ntodmi«t of the ix^vemion, as discussed above the agent appUcation obtains 
paymait deta,b.fiom the merchant site. It may also obtain details of the payer either 
fi^tf»«/»«chantsiteortJiec«stomercon«,merorasystemda^^^^ 
5 ^^-n^thedetailsobtainedbytheagent^licationareautotnati^^^ 

financialinstitution^Hcation.HiesedetailsinokidethePayerName42 the 
Desatption of the item 43, the Account Name of the m«chant 44, tixe BSB Number 45 
the Account Number 46, the Description 47 and the Amount 48. One advantage of * 
, n "^^^ automaticaUy entered into the fin^cial institution ^pUcation is 

10 thatthey willbeaccurate^thoutanypotentialforcustomer error. ConventionaUy a 
customer v^uld enter the details via a user terminal 6, which can often result in erJor 
The agent appUcalion is arranged to obtain the details that are relevarxt for the particular 
financial mstitution q^lication. The agent application therefore operates by first 

15 the details that it knows are required for that financial mstitution plication fiom the 
mfitchant site and (if required) the customer computing system 6. 

Note fliat the account of the customer41 maybe selectedby the customer or may 

^^t^^^ti-^a^^eselectedbytheagentappUcationbasedottinfomiationprovid^^ 

20 customer computer. 

Note that this page and other pages may not be visibly displayed to the user in the case 
Where it is fully automated by the agent. 

25 P<»Jl^^stoissionofthepaymentdetailsandprocessingbythe^^^^ 

apphcation of the payn,ent to the merchant, the system 1 of the present invention 
produces a "Payment Received-page 50 (Figure 7). This page is similar to the initial 
Payment Gateway page 30- It mcludes furlher details, however. Inp^^^ 

ax^d tmie 5 1 on which payment was made. It confinns 52 the amount of payment 

3 0 ftat was made and flie date. It provides information on the receipt 53 which is provided 
by Ihe system I to the merchant system 4. It also includes some further reference 
tnfonnation 54 providing details of the account paid from and the financial institution 
r«.eipt number that the agent extracted automatically from the financial institution site 

^^"^^h^tthereforereceivesanofacialreceiptofpaymenttolheiraccountofthe ' 
35 rcqu^ed fimds for the transaction. They can therefore organise deUvery of the product 
to tibe customer inthe comforting knowledge that they have already been paid. In one 
embodmient. the system implements a process to reduce or avoid the potential for 
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provision of a fraudulent receipt to the merohant. In this embodiment, the customer 
system 6 transfers the relevant session information to the merchant server 4 before the 
financial institution system 12 issues the receipt page 50. The merchant system 4 then 
establishes its own Secure Socket Layer (SSL) session either directly with the financial 
institution system 12 or via the customer system 6, providing an end^to-end SSL session 
between the financial institution system 12 and the merchant system 4. SSL 
communication is known. The customer's existing session with the financial institution 
system 12 may be maintained Because the merchant system 4 has a direct SSL session 
with the financial institution server 12, the merchant can be assured that flie receipt 
information they are receiving is being provided by the financial institution not by a 
fraudulent process eg a fraudulent customer system. 

The estabUshment of the additional/alternative communication channel 
between the merchant system 4 and the financial institution system 12 does not require 
that the customer disclose any of their authentication details to the merchant system 4. 



In one embodiment, the payment confirmation details may be digitally signed 
by the financial institution. Where the financial institution digitally signs the payment 
confirmation, the system I of the present invention vahdfites tiie signatuie to ensme 
20 vaUdity before notification to the merchant. 

Note that a '•Return to Merchant" button 55 is provided for the customer's return to the 
merchant site. 
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Figure 8 is an example computer display screen which may be viewed via a merchant 
system 4 and shows a records page 60 of transaction records stored in database 15 of the 
system 1. The. system 1 serves the page 60 to the merchant system 4 so that the 
merchant can view the transaction records of tiie transactions that have occurred via the 
system 1. 

The records may be represented in any convenient fonn on tiie page 60. In this example 
the records include mformation such as '•BiUer Code" 61 ; "BiUer Name" 62; 
"Reference" 63; "Account Paid Via" 64; "Comment 70; "Amount Paid" 66; 'T>ate 
Paid" 67, and the "Rsc&pt Number" 68. 

Records may also be provided for access by a customer computer server so that a 
customer can view transactions that they have paid via tiie system 1 . 
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In Ihe above embodimem, the customer is expected to remember enter their own 
security means to emible access to the financial ^pUcation (Figure 5). In an alternative 
embodmient, the technology disclosed in the appUcant's co-pending international 
application no. PCT/AU02/00150 may be eaq>loyed to enable the agent application to 
automatically obtam the customer's security means and enter Aem to the financial 
institution ^plication. 

Referring to Figure 1, in this alternative embodiment a customer computer system 6 
mcludes software including a digital safe 17, and an ACA or "Active Content Agenf' 
engine 1 8. The digital safe 1 7 stores in encrypted form (using any suitable encryption 
technology) the security means of the user for enabling entry into the financial • 
institution application. Database 16 at invention system 1 stores decryption keys for 
decrypting the encrypted security means in the digital safe 17. 

m cq)eration, the agent appKcation wWch inq)lemettts the inteifeo^ 
mstitution appKcation, is also arranged to obtain the security means 1 7 fiom the digital 
safe 17 of the customer computer 6, It does this by furat detennining the identity of the 
customer computer, then obtaining a decryption key ftom the database 16 wHch is 
arranged to decrypt the encrypted code in fho digital safe 17. As part of the registration 
process, a customer would have their security means, such as passwords, encrypted by 
the system 1 and be provided with a password to enable access of Hie agent application 
to the decryption key 16 for the user computer 6 stored in the encryption key database 
16. The customer may be required to enter a password to the gateway so that the agent 
application can then automatically obtain the security means for the fiuanoial institution 
appKcation ftom the digital safe 17. 

The ACA engine 18 detarmines whether the agent ^cation is a correct agent 
application for the financial institution plication and whether it is aulhoiised to access 
the customer computer 6 for digital safe 17. The agent appUcation may be provided 
with a digital certificate which the ACA engine can use for authorisation. The ACA 
engine then executes the agent appKcation insofar as it enables the agent appHcation to 
access digital safe 1 7 and decrypt the requisite secmity means for tiie particular 
financial application. At the stage where the user is expected to entear their security 
means to the financial institution appUcation (Figure 5), this is automatically entered by 
the agent application. Hie rest of the process is then the same as with the above 
embodiment Note that once the security means has been decrypted by the agent 



wo 2004/114168 

PCT/AU2004/000846 

- 16 - 

5 At st^ 70 , customer acoe«»s a ■aarfan, ate. At nq, 7 1, By«em of tte pt««t " 
s.ep73 theagen.appUcad<„eo»ec.,ac,»«.on»utcrtofl»fi™J^^ 

A.-t«™od.hove.th.c^o„„fp,^,^^,„^,^, 

^ ». be «... M an a,.«n,ttve en^bodtacnt the a^t 

the customer to the itoancial institution applicaHon and cu^ fin, I 
fl« d««li. Itc ag«l ften ^.tracts the «eeip, aad notifies the Me«au«,, of ^ 

2S ^*='^»l««i*.««ftce^a^yp^e.«dstingflBanoia^inst^^ 

Ad^ca.,tt,^tetal«„.fa„^fl«aie«areakeadyn«nyii^^^ 

mshtution ^TOlKatK^ in ™tence Which liable a user to p^^ 

»v^n « no. Hmited to us. w«h pre^ ^ ^pUcations.' 

^■"'-'"•^y.beu«»dwi.hfinancialinstitutionapplicafio«that.,cd.sign.d 
suhsequent to inwlementalion of the present imwdion. 

'S ^fl-^^bodun^tofonepardeularfe^ 

^ ^ ™a.e ft™ or fenna. may be used with the pteseni invention. Further 
d.fife«.,u^a.„,ntothatinS^onshownin the specific cmbodimentn^ylT" 
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utiUs««i and iUustrated in pages used with the present invenlion. 



In flie above description of the prefixed embodiment, it is assumed the customers 
^hsmgA^emver^onwiUaccessthemercha^^ 

access from any computmg system which is comiectable to the netwodc. 

fo^itr'fr*'?'''^'""'^^^ 

componcits of the system are implementedby appropriate software supportedby 

TO^e h^dware. Any software/hardware mix that can 
falls wifhm the scope of the present invention. 

m the ^ove described embodiment, the financial mstitution system provides a website 

^esstble by way of the Internet Ihep^senthxvention is not limitedto 
fin^c^al mstitutions that provide access to Aeir appUcatio«s by way of Internet 

web^tesoth^methods of comiectionftomanetworicto thefts 
beuhUsedwiththepresentmvention.Foremnple,lhesystem 1 ofthepresent 
mventton may in some cases have a direct connection to a financial mstitution. the 
direct comiection being implemented when comiection to a financial institution 
application is required. Further, ihe network is not limited to the Internet. The present 
mvention may be implemented over any appropriate network. 

Generally, the present invention provides internee means which is arranged to comxect 
to a payment means so that the processing of payment to a merdiant account can be 
canted out In this, in at least a prefaced embodiment, is without requiring any security 
meanstobeprovidedbythecustomertofhemerchant y^ecunty 

In the above described embodiment, the customer ac«rtmt is a debit account the 

present invention is not limited to use wifl» a debit account The account may be any 

tj^eofaco^unt For example, the account may beacHHiit card accom^ 

card detaals would be pmvided to the financial institution application for credit to the 

merchant 

^ a variation of this invention, on-line payment maybe facihtated without requiring 

fechtated andbdl payments canbe facilitated, hnplementationis similar to the 
miplementation discussed above m relation to first embodiment of the present 
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inv«ition.lxisteadofimtiati^ 

initiation is via a system message. Tho system message may be ^n e-mail message A 
customer receives an e-mail message, and the e-mail message contains a link to the . 
system gateway such as described in Figure 4 of the drawings. The difference here is 
= that the hnk is in tiie e-mail message and not at the merchant site, but otherwise 

operation is similar. Details of the person who is to be paid may be exacted fiom the e- 
loatl ox a system database. 

The person who is to be paid may be anybody. It could a utiUty provider, for Example 

• s«»<l«goutautiUtybill.Itmaybeanotherpersonmerelyrequiringpaymentintotheir 
account from the payer. 



Modifications and variations as would be ^parent to a skilled addressee are deemed to 
be within flie scope of the presort invention. 



